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DETAILED ACTION 
Specification ( 

1 . The title of the invention is not descriptive. A new title is required that is clearly indicative of the 
invention to which the claims are directed. 

The following title is suggested: Remote software installation with security. 

2. The disclosure is objected to because of the following informalities: 

The lengthy specification has not been checked to the extent necessary to determine the presence of all 
possible minor errors. Applicant's cooperation is requested in correcting any errors of which applicant may 
become aware in the specification. 

Appropriate correction is required. 
The above examples are illustrative only. Applicant is requested to ensure that any other instances are 
corrected. 

Claim Objections 

3. Claim 1, 20, 29, 38, 57, and 58 are objected to because of the following informalities: The claims read 
". . . for generating, installing to a . . they should read "for generating an install process. . .". Appropriate 
correction is required. 

The above examples are illustrative only. Applicant is requested to ensure that any other instances are 
corrected. 



Claim Rejections - 35 USC §102 
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4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the 
rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed in the United States 
before the invention by the applicant for patent or (2) a patent granted on an application for patent by another filed in the United 
States before the invention by the applicant for patent, except that an international application filed under the treaty defined in 
section 35 1(a) shall have the effects for purposes of this subsection of an application filed in the United States only if the 
international application designated the United States and was published under Article 21(2) of such treaty in the English language. 

5. Claims 1-5, 7-12, 16, 20, 29-34, 38-39, 41-47, 53, 57, 58 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Shostack et al (6,298,445). 

In reference to claims 1, 20, 29, and 38, Shostack discloses installing software and updates to a plurality 
of linked remote computers (Fig. 1), and monitoring a secure network of nodes (Fig. 2), said system 
comprising: at least one software application (column 2 lines 35-38 in combination with column 8 lines 1 2- 
1 5); an installation server, configured to facilitate installation of said at least one software application (column 
8 lines 1 -2); a generator, configured to generate a plurality of software components from a network definition, 
including a plurality of agent modules, wherein each agent module is executable on a corresponding remote 
computer to initiate communication with said installation server and subsequent installation of a 
corresponding software application on said remote computer to form a node, wherein each of said nodes is 
capable of automatically establishing communication with others of said nodes according to said network 
definition (column 7 lines 31 -35 in combination with lines 1 0-20); and a monitor node configured to monitor 
security of said network (column 7 lines 20-2 7). The push system generates the components for the update 
and the software installation from the data provided by the NSD (Network security Detector, column 7 lines 
1 5-19). The NSD defines system by defining the vulnerabilities in the system and adds these to the database, 
which the push system uses to create the updates for the security software. The remote nodes are able to 
initial communication with the server that provides the updates (column 9 lines 25-2 7). The client is able to 
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initiate communication with the server and is thus able to communicate with other nodes on the network. In 
addition the computers are connected on the same network and are thus able to communicate accordingly 
(Fig. 1). 

6. In reference to claims 2-3, wherein the remote computers are linked substantially by the Internet and 
the intranet (column 4 lines 13-21). The system is a local network (intranet) that is connected to the Internet. 

7. In reference to claims 4-5, and 39, Shostack system authenticates the identity of the user and the 
integrity of the connection (column 13 lines 31-36) as a result the system would inherently have to identify one 
of said plurality of remote computers to obtain the integrity of the computer; an identification of at least one 
software application to be installed on said remote computer to form a node (Fig. 4B); and an identification of 
each other node to which said node is to be linked to, and the remote computers IP address and node name to 
define the map of all ports on the network as describe in column 7 lines 17-18. 

8. In reference to claim 7, 32-33, 41, and 44, the installation server of Shostack is configured to facilitate 
said installation of said corresponding software application as a function of a verification that said agent module 
is executing on said corresponding remote computer, according to said network definition (column 4 lines 22- 
27). 

9. In reference to claims 8, 30, 31, and 43, the installation server of Shostack is configured to facilitate said 
installation of said corresponding software application as a function of a verification that said agent module has 
not been previously installed (column 9 lines 25-30 in combination with column 10 lines 50-55). 

10. In reference to claim 9, the firewall is the second node of Shostack is configured to determine the 
presence of an interposed, unintended node (column 6 lines 35-40). The firewall is the first line of defense and 
therefore detects the unintended node attempting to connect to the network. 

11. In reference to claim 10, the monitor node is further configured to selectively terminate operation and 
connection of one or more tainted nodes in response to a detected security violation (column 6 lines 57-58). 



Application/Control Number: w Page 4 

Art Unit: 2131 

12. In reference to claims 1 1 and 46-47, the system initiates a regeneration of a set of said software 
components (column 1 1 lines 50-51), reinstallation of said at least one software application (the update 
processor implements the suggested repairs and therefore a new installation, column 1 1 lines 51-54), and 
selective relinking to other nodes for each of said selectively terminated one or more tainted nodes and 
according to said network definition (the intruder is disengaged therefore the nodes that the intruder has 
connected to and as a result there is a selective linking which leaves out the nodes that have been violated, 
column 6 lines 57-58). 

13. In reference to claim 12, the monitor node and each of said nodes communicate using secure data 
transfer using an asymmetric cryptosystem (column 13 lines 55-65). 

14. In reference to claims 16 and 53, further Shostack includes the monitor generating a report that is sent to 
the management station for analysis (column 13 lines 23-27) where accounts may be analyzed and therefore 
generate billing information as a function of the selective linking of said node to said other nodes. 

15. In reference to claim 34, Shostack teaches a system that is configured to analyze software components 
and determine the presence of trap doors (Table 1). 

16. In reference to claims 42 and 45, the system disclosed by Shostack suggests generating a unique local 
password for each node and verifies the remote computer by entering the local password and verifying the local 
password (Table 1). 

17. In reference to claims 57 and 58, Shostack discloses a system for generating a install process to a 
plurality of remote computers, and monitoring a secure network having a plurality of nodes, a generator, an 
installation server, and a monitor node (column 4 lines 13-21), said network may be used for conducting 
financially related transactions between a custody system of a bank and a trading system of a financial client 
because they require secure communications of data as suggested by Shostack. The system created by Shostack 
modifies often depending on vulnerabilities (column 4 lines 47-50), and could be used by a bank sales 
department, which creates a network definition embodying the network required by the financial client and to 
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be generated, installed and monitored by the bank owning the network security detection system as in Shostack. 
Modeling and testing said network definition, by a bank development group, which would use the network 
security detection for testing the system as disclosed by Shostack (column 7 lines 20-30) and then initiate the 
updates (column 9 lines 25-27). Obtaining authorization from a bank network administration group and 
installing said network definition on said generator, by said bank development group (column 9 lines 25-27). 
Obtaining by said bank sales group a sales password and authorization to install network from said network 
administration group, suggested by Table 1, which shows that passwords are used for authorization and 
therefore examined for vulnerabilities. Shostack suggests auditing on said generator a generated network 
definition by comparing said generated network definition to said network definition and inputting said sales 
password as an indication of a favorable comparison, by said bank sales group. Since the system checks the file 
to see if it is the most current file before installing it, the network is defined by the vulnerabilities of the 
network, where the most resent vulnerabilities would be contained in the most resent install which is the most 
recent network definition (column 10 lines 50-55). The password of the sales and audit group are common 
methods of verifying the user is eligible for the software enhancement (column 8 lines 22-25). The system 
generates with said generator a plurality of software components to be installed on said plurality of remote 
computers to form said plurality of nodes of said network, said components including: (i) a plurality of agent 
modules, each agent module having the capability to establish communications with said installation server; (ii) 
a local sales password, for each agent module; (iii) a local audit password for each agent module (column 13 
lines 1-7 in combination with lines 47-50). Registering said agent modules with said installation server, 
wherein said installation server has access to at least one or more bank custody software applications to be 
stored on each of said plurality of remote computers to form said nodes, according to said network definition. 
The remote device connects to the network service thereby giving information about itself, and thus registering 
(column 12 lines 58-61). Communicating to each remote computer a corresponding one of said local sales 
passwords to a sales department representative, and communicating to each remote computer a corresponding 
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one of said local audit passwords to an audit department representative is suggested in the system by Shostack 
because of the use of passwords (column 12 lines 58-61). Executing each agent module on its corresponding 
remote computer, entering said local sales password to verify that said agent module is installed on its 
corresponding remote computer according to said network definition, and downloading said corresponding at 
least one bank custody software application (column 8 lines 7-18 in combination with column 10 lines 42-49). 
Executing each of said at least one software applications on its corresponding remote computer, establishing 
communication with said monitor node entering said local audit password to verify that said at least one 
software application is installed on its corresponding remote computer according to said network definition 
(column 12 lines 47-57). The system checks that mapa network and programs therefore verifying the software 
application is installed on its corresponding remote computer according to the network definition. Selectively 
linking said nodes into said network is suggested in column 6 lines 56-58, since nodes can be electronically 
disconnected. 



Claim Rejections - 35 USC §103 

18. Claims 13-15, 17-19, 21-28, 35-37, 48-52, 54-56, and 59 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Shostack as applied to claim 12, 1, and 38 respectively above, and further in view of 
Schneier. 

19. In reference to claims 13, 17, 21, 25, 26, 35, 48, and 55, Shostack discloses each sender having a unique 
key (column 14 lines 17-18). 

However Shostack does not expressly disclose a system wherein said secure data transfer is 
accomplished using data encryption, and wherein data transferred in each direction between two linked nodes is 
encrypted differently. 

Schneier discloses the use of encryption for two-party communication (Figure 1.3). The data transferred 
in each direction between two linked nodes is encrypted differently because each end nodes has a different key 
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because there is only one private key for decryption and the public key is published for encryption, therefore 
each party would publish their specific public key and the data would therefore be encrypted differently. 

At the time the invention was made, it would have been obvious to a person of ordinary skill in the art to 
use encryption to send data from one node to another as described in Schneier. One of ordinary skill in the art 
would have been motivated to do this because encryption is used to disguise a message in such a way as to hide 
its substance (Schneier page 1 paragraph 2). 

20. In reference to claims 14, 23, and 54, each of two linked nodes uses a unique pair of encryption keys to 
accomplish said data encryption, and each pair of encryption keys includes a substantially hidden private key 
and a public key (Figure 1.3). 

21. In reference to claims 15, 24, and 49-50, 52, the monitor node would have to selectively initiate a 
coordinated strobing of each pair encryption keys between two linked nodes to the unique key for every node. 

22. In reference to claims 18, 22, 27, 36 and 51, Schneier teaches that a randomly generated private key and 
public key pair for data encryption (Figure 1.3), wherein data to be transferred to said installation server is 
encrypted using said public key and is decrypted by said installation server using said private key (Figure 1.3). 
Schneier teaches that good keys are random-bit strings generated by some automatic process (page 173 
paragraph 3). 

23. In reference to claims 19, 28, 37, 56, the Shostack monitor node is configured to compare the 
installation server cryptographic checksum with the cryptographic checksum used by one of said plurality of 
remote computers to encrypt data sent to said installation server, a negative comparison being indicative of a 
security violation (Shostack, column 14 lines 21-29). After the comparison it would be elementary to signal a 
violation if the values do not match. 

24. In reference to claim 59, it is inherit that financial data requires confidentiality. Therefore the first 
system of said first group is a custody system of a bank and said second system of said second group is a trading 
system of a financial services group, in the two party confidential communication (Figure 1.3). 
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25. Claims 6 and 40 are rejected under 35 U.S.C. 103(a) as being unpatentable over Shostack as applied to 
claim 1 and 38 respectively above, and further in view of Sandahl et al (6,098,098). 

Shostack does not disclose a plurality of node configuration files, wherein a different one of said node 
configuration files corresponds to a different node and includes information for facilitating selective 
communication with others of said nodes according to said network definition; and at least one network 
information file, having information corresponding to substantially all links between nodes and accessible by 
said monitor node to facilitate the selective linking of said nodes. 

Sandahl discloses a system for managing the configuration of multiple computer devices over a network 
(column 2 lines 27-34). The system includes a file server that has memory for storing master configuration 
information for each of the computer devices on the network, and the computer device compares data 
characterizing its master configuration information with its local configuration. This means that each computer 
keeps a copy of its local configuration (column 2 line 56 to column 3 line 5). 

At the time the invention was made, it would have been obvious to a person of ordinary skill in the art to 
use a file server to maintain copies configuration information as taught by Sandahl in the system disclosed by 
Shostack. One of ordinary skill in the art would have been motivated to do this because it would assure that the 
configuration of each network device provides desired network system operation while minimizing network 
bandwidth usage (Sandahl column 2 lines 20-25). 



26. The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 



Conclusion 



Shostack et al 



6,298,445 Bl 



Sandahl et al 



6,098,098 
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Mishra et al 



6,523,166 Bl 



Any inquiry concerning this communication or earlier communications from the examiner should be 
directed to Paula W Klimach whose telephone number is (703) 305-8421. The examiner can normally be 
reached on Mon to Fri 7:15 a.m to 3:45 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, Ayaz 
Sheikh can be reached on (703) 305-9648. The fax phone number for the organization where this application or 
proceeding is assigned is (703) 872-9306. 

Any inquiry of a general nature or relating to the status of this application or proceeding should be 
directed to the receptionist whose telephone number is (703) 305-4832. 
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